package com.youngjun.common.security.service.impl;

import com.youngjun.common.security.service.RequestMapService;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;

import static org.springframework.security.access.SecurityConfig.createList;

public abstract class AbstractRequestMapService implements RequestMapService {

    public LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> getRequestMap(String path, String method){
        LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
        List<String> requestRoles = getRequestRoles(path, method);
        if(requestRoles!=null&&!requestRoles.isEmpty()){
            requestMap.put(new AntPathRequestMatcher(path, method), createList(requestRoles.toArray(new String[0])));
        }
        return requestMap;
    }

    protected abstract List<String> getRequestRoles(String path, String requestMethod);

    @Override
    public boolean mustX509Authentication(String path, String method) {
        return false;
    }

    @Override
    public boolean mustXTokenAuthentication(String path, String method) {
        return true;
    }

    @Override
    public boolean mustRequestDataFilter(String path, String method) {
        return false;
    }
}
